Server | nginx/1.10.2 |
Content-Type | text/html; charset=utf-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-Powered-By | Express |
ETag | W/"2df4-DE2Kc2axlLa/3u59sr9f3Q" |
Strict-Transport-Security | max-age=15768000; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1 |
Content-Security-Policy | default-src * 'self'; font-src *; style-src 'self' * 'unsafe-inline'; img-src * data:; media-src * blob:; script-src * 'unsafe-inline' 'unsafe-eval'; child-src *; connect-src *; object-src * |
Referrer-Policy | no-referrer-when-downgrade |
Content-Encoding | gzip |